andyg666 Posted December 15, 2006 Share Posted December 15, 2006 I have adapted one of the user registration and login scripts i found here. I set it up months ago, and now I have a real project to apply it to. It was working fine many months ago, but now I'm getting the following error when i attempt to login:[quote]Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0[/quote]here is the code:[code]<?phpsession_start();require_once('connect.php');if(isset($_POST['login'])) { $error = ''; $username = $_POST['username']; $password = $_POST['password']; if($username == "" || $password == "") { $error .= 'A required field was left blank.<br />'; } $password = md5($password); if(get_magic_quotes_gpc()) { $username = $username; } else { $username = addslashes($username); } $result = mysql_query("SELECT * FROM users WHERE UserName='".$username."' AND UserPWD='".$password."'") or die(mysql_error()); $valid_login = mysql_num_rows($result); if($valid_login == 0) { $error .= "The supplied username and/or password was incorrect.<br />"; } if($error == "") { $data = mysql_fetch_array($result); $_SESSION['username'] = $data['username']; $utime = date("Y/m/d, H:i:s"); mysql_query("UPDATE users SET LastLogin='".$utime."' WHERE UserName='".$username."'"); echo '<meta http-equiv="Refresh" Content="5; URL=index.php"><BR> Thank you for logging in, '.$_SESSION['username'].'.'; die(); setcookie("user", $_SESSION['username'], time()+3600); } else{ echo 'The following errors were returned:<br />'.$error.'<br />'; echo $username.', '.$password; }}?><html><head><meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /><title>Log In</title><style type="text/css">.container { text-align: center; border: 1px solid #000000; width: 300px;}td { text-align: left;}</style></head><body><form action="login.php" method="post"><table class="container" align="center" cellspacing="0" cellpadding="0"> <tr> <td colspan="2" style="text-align:center;"><h1>Log In</h1></td> </tr> <tr> <td>Username:</td> <td><input type="text" name="username" maxlength="20" /></td> </tr> <tr> <td>Password:</td> <td><input type="password" name="password" /></td> </tr> <tr> <td colspan="2" style="text-align:center;"><input name="login" type="submit" value="Log In" /></td> </tr> <tr> <td colspan="2" style="text-align:center;"><a href="register.php">Register</a> | <a href="index.php">Index</a></td> </tr></table></form></body></html>[/code]it IS updating the lastlogin field. but it doesn't set the cookie. what global variable is it talking about? and how can i fix this? thanks. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/ Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 remove die(); from your script. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141784 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 [quote author=complex05 link=topic=118746.msg485477#msg485477 date=1166200583]remove die(); from your script.[/quote]D'OH!! thanks. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141793 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 it's removed. now i get 2 errors...[quote]Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\xampplite\htdocs\thebeathub\login.php:38) in C:\xampp\xampplite\htdocs\thebeathub\login.php on line 39Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0[/quote] Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141794 Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 the first line of your script, type ob_start(); Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141795 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 ok, did that. the original error message is still there and it's not setting the cookie. this is weird because it was working in the past. all i didnt was change the database name in the connect.php file and some of the field names in the script itself. i'm wondering why it now requires all of this fixing...thanks for your help, by the way. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141798 Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 Are you hosting this file on a web server? It's possible that whoever is maintaining your server upgraded the version of PHP that may have a session bug in it.Your script appears to be fine and should work. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141800 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 no i'm using xxamplite. should i see if there are any upgrades or patches available? maybe it's a firewall problem?PHP Version 5.1.4 Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141802 Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 No I don't think it's a firewall issue. Try reinstalling XAMP (and get the full version) and see if that helps. If not, I will continue to try to help you with this. Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141805 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 thanks much! Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141813 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 i fixed it like by getting rid of the $data and $result and just setting $_SESSION with the $username variable. it works, but is this a viable and secure solution?[code] if($error == "") { // $data = mysql_fetch_array($result); // $_SESSION['username'] = $data['username']; $_SESSION['username'] = $username; $utime = date("Y/m/d, H:i:s"); mysql_query("UPDATE users SET LastLogin='".$utime."' WHERE UserName='".$username."'"); echo '<meta http-equiv="Refresh" Content="20; URL=index.php"><BR> Thank you for logging in, '.$_SESSION['username'].'.'; setcookie("user", $_SESSION['username'], time()+3600); }[/code] Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141850 Share on other sites More sharing options...
complex05 Posted December 15, 2006 Share Posted December 15, 2006 where is the $username variable coming from? Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141851 Share on other sites More sharing options...
andyg666 Posted December 15, 2006 Author Share Posted December 15, 2006 an HTML form$username = $_POST['username']; Link to comment https://forums.phpfreaks.com/topic/30764-register_globals/#findComment-141858 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.